X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/1b7586c9288d694b2bc443d62f3c40502868ff77..8e443649f374f14e522749949d6012eca1c6a973:/config/initializers/oauth.rb diff --git a/config/initializers/oauth.rb b/config/initializers/oauth.rb index 3b4f06a2e..57b89564f 100644 --- a/config/initializers/oauth.rb +++ b/config/initializers/oauth.rb @@ -1,9 +1,26 @@ require "oauth/controllers/provider_controller" +require "oauth/helper" require "oauth/rack/oauth_filter" Rails.configuration.middleware.use OAuth::Rack::OAuthFilter module OAuth + module Helper + def escape(value) + value.to_s.gsub(OAuth::RESERVED_CHARACTERS) do |c| + c.bytes.map do |b| + format("%%%02X", b) + end.join + end.force_encoding(Encoding::US_ASCII) + end + + def unescape(value) + value.to_s.gsub(/%\h{2}/) do |c| + c[1..].to_i(16).chr + end.force_encoding(Encoding::UTF_8) + end + end + module RequestProxy class RackRequest def method @@ -16,6 +33,7 @@ end module OpenStreetMap module ProviderController def self.prepended(mod) + super mod.singleton_class.prepend(OpenStreetMap::ProviderController::ClassMethods) end @@ -34,12 +52,12 @@ module OpenStreetMap module ClassMethods def included(controller) controller.class_eval do - def self.before_filter(*names, &blk) - before_action(*names, &blk) + def self.before_filter(...) + before_action(...) end - def self.skip_before_filter(*names, &blk) - skip_before_action(*names, &blk) + def self.skip_before_filter(...) + skip_before_action(...) end end @@ -47,6 +65,26 @@ module OpenStreetMap end end end + + module OAuthFilter + def oauth1_verify(request, options = {}, &block) + signature = OAuth::Signature.build(request, options, &block) + return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp) + + value = signature.verify + if request.ssl? && !value + http_request = request.dup + http_request.define_singleton_method(:scheme) { "http" } + http_request.define_singleton_method(:port) { 80 } + signature = OAuth::Signature.build(http_request, options, &block) + value = signature.verify + end + value + rescue OAuth::Signature::UnknownSignatureMethod + false + end + end end OAuth::Controllers::ProviderController.prepend(OpenStreetMap::ProviderController) +OAuth::Rack::OAuthFilter.prepend(OpenStreetMap::OAuthFilter)